Information security – Policy
Reexamination Certificate
2007-12-11
2007-12-11
Zand, Kambiz (Department: 2134)
Information security
Policy
C726S006000, C707S793000
Reexamination Certificate
active
09483164
ABSTRACT:
A system and method for defining and enforcing a security policy. Security mechanism application specific information for each security mechanism is encapsulated as a key and exported to a semantic layer. Keys are combined to form key chains within the semantic layer. The key chains are in turn encapsulated as keys and passed to another semantic layer. A security policy is defined by forming key chains from keys and associating users with the key chains. The security policy is translated and exported to the security mechanisms. The security policy is then enforced via the security mechanisms.
REFERENCES:
patent: 5335346 (1994-08-01), Fabbio
patent: 5745687 (1998-04-01), Randell
patent: 5826239 (1998-10-01), Du et al.
patent: 6035399 (2000-03-01), Klemba et al.
patent: 6088679 (2000-07-01), Barkley
patent: 6324647 (2001-11-01), Bowman-Amuah
patent: 6357010 (2002-03-01), Viets et al.
patent: 0854431 (1998-07-01), None
Olivier, Martin S. “Specifying Application-level Security in Workflow Systems”, IEEE, Aug. 1998.
Samarati, Pierangela., Ravi S. Sandhu. “Access Control: Principles and Practice”, Sep. 1994.
Awischus, Roland. “Role Based Access Control with the Security Administration Manager (SAM)”, ACM, 1997.
Sandhu, Ravi., Venkata Bhamidipati and Qamar Munawer. “The ARBAC97 Model for Role-Based Administration of Roles”, Feb. 1999.
Black, Stewart., Vijah Varadharajan. “A Multilevel Security Model for a Distributed Object-Oriented System”, IEEE 1990.
Gligor, Virgil. “Characteristics of Role-Based Access Control”, 1996.
Greenwald, Steven J. “A New Security Policy for Distributed Resource Management and Access Control”, ACM, 1996.
Lupu, Emil., Morris Sloman and Nicholas Yialelis. “Role-Based Security for Distributed Object Systems”, IEEE 1996.
Moffett, Jonathan D., Morris S. Sloman. “Policy Hierarchies for Distributed Systems Management”, IEEE Journal on Selected Areas in Communications, vol. 11 No. 9, Dec. 1993.
Munawer, Qamar., Ravi Sandhu. “The RRA97 Model for Role-Basd Administration of Role Hierarchies”, Dec. 1998.
Nyanchama, Matunda et al. “The Role Graph Model and Conflict of Interest”, Feb. 1999, ACM, ACM Transactions on Information and System Security, vol. 2, No. 1, pp. 3-33.
Chang, S. K., et al., “A Visual Language for Authorization Modeling”,IEEE, 110-118, (Sep. 1997).
Payne, C., et al., “Napolean: A Recipe for Workflow”,Proceedings of the 15th Annual Computer Security Applications Conference, pp. 1-9, (Dec. 1999).
Thomsen, D., et al., “Napoleon Network Application Policy Environment”,Proceedings of the 4th ACM Workshop on Role-Based Access Control, XP002163998, pp. 145-152, (Oct. 1999).
Thomsen, D., et al., “Role Based Access Control Frameworks for Network Enterprises”,14th Annual Security Applications Conference, pp. 1-9, (Dec. 1998).
Varadharajan, V., et al., “Issues in the Design of Secure Authorization Service for Distributed Applications”,IEEE, Sydney, Australia, 874-879, (Nov. 1998).
Bogle Jessica
O'Brien Richard
Payne Charles
Thomsen Daniel Jay
Secure Computing Corporation
Simitoski Michael J
Zand Kambiz
LandOfFree
Locally adaptable central security management in a... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Locally adaptable central security management in a..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Locally adaptable central security management in a... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3851629